package com.qianbao.configuration;


import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfiguration {


    // 创建realm
    @Bean
    public  ShiroCustomRealm shiroCustomRealm(){
        return new ShiroCustomRealm();
    }

    // shiro安全管理器
    @Bean
    public SecurityManager securityManager(){

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(shiroCustomRealm());

        securityManager.setSessionManager(sessionManager());
        securityManager.setCacheManager(cacheManager());

        return securityManager;
    }


    // 过滤器工厂
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager){

        // 通用配置
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        shiroFilterFactoryBean.setLoginUrl("/usercenter/v1/notlogin");
        shiroFilterFactoryBean.setUnauthorizedUrl("/usercenter/v1/notAuth");

        // 过滤器集合
        Map<String,String> filterChainMap = new LinkedHashMap<>();

        filterChainMap.put("/sms/*/*","anon");
        filterChainMap.put("/usercenter/v1/register","anon");
        filterChainMap.put("/usercenter/v1/check-phone-register","anon");
        filterChainMap.put("/usercenter/v1/login","anon");
        filterChainMap.put("/usercenter/v1/forget-password","anon");
        filterChainMap.put("/usercenter/v1/notlogin","anon");
        filterChainMap.put("/usercenter/v1/notAuth","anon");
        filterChainMap.put("/bookcenter/**","anon");
        filterChainMap.put("/systemcenter/**","anon");
        filterChainMap.put("/shopcenter/**","anon");

        filterChainMap.put("/**","authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);

        return shiroFilterFactoryBean;
    }


    // redis的控制器 操作redis

    @Value("${spring.redis.host}")
    private String host;

    public RedisManager redisManager(){
        RedisManager redisManager = new RedisManager();
        redisManager.setHost(host);
        return redisManager;
    }


    // sessionDao

    public RedisSessionDAO redisSessionDAO(){
        RedisSessionDAO sessionDAO = new RedisSessionDAO();
        sessionDAO.setRedisManager(redisManager());
        return sessionDAO;
    }


    // 会话管理器

    public DefaultWebSessionManager sessionManager(){
        ShiroSessionManager sessionManager = new ShiroSessionManager();
        sessionManager.setSessionDAO(redisSessionDAO());
        // 禁用cookie
        sessionManager.setSessionIdCookieEnabled(false);
        // 禁用 url重写
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return sessionManager;
    }


    // 缓存管理器

    public RedisCacheManager cacheManager(){
        RedisCacheManager redisCacheManager = new RedisCacheManager();
        redisCacheManager.setRedisManager(redisManager());
        return redisCacheManager;
    }



    /**
     * 开启注解支持
     * @param securityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }


}
































